Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirects


  • Please log in to reply
15 replies to this topic

#1 Johnny54

Johnny54

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 21 September 2012 - 10:53 AM

Hello I have been having a bit of a problem over the last few days. When I use Google search on Google Chrome, I am often redirected to a site that I did not want to go to. Sometimes it is scour, however I also get redirected to merchantcircle.com, and even job search on monster.com. I understand from looking it up from the internet that this is likely a virus, however every antivirus I have used (McAffe, Malware Bytes, AVG) has not been successful in finding the problem. Any and all help would be greatly appreciated.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:02 PM

Posted 21 September 2012 - 11:18 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Johnny54

Johnny54
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 22 September 2012 - 02:17 AM

Okay finally got back to my computer to run the scans. Here is the results

TDSSKiller


11:20:26.0102 2800 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
11:20:28.0289 2800 ============================================================
11:20:28.0289 2800 Current date / time: 2012/09/21 11:20:28.0289
11:20:28.0289 2800 SystemInfo:
11:20:28.0289 2800
11:20:28.0289 2800 OS Version: 6.1.7601 ServicePack: 1.0
11:20:28.0289 2800 Product type: Workstation
11:20:28.0289 2800 ComputerName: JOHNCAHILL-PC
11:20:28.0290 2800 UserName: John Cahill
11:20:28.0290 2800 Windows directory: C:\Windows
11:20:28.0290 2800 System windows directory: C:\Windows
11:20:28.0290 2800 Running under WOW64
11:20:28.0290 2800 Processor architecture: Intel x64
11:20:28.0290 2800 Number of processors: 2
11:20:28.0290 2800 Page size: 0x1000
11:20:28.0290 2800 Boot type: Normal boot
11:20:28.0290 2800 ============================================================
11:20:35.0639 2800 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:20:35.0645 2800 ============================================================
11:20:35.0645 2800 \Device\Harddisk0\DR0:
11:20:35.0645 2800 MBR partitions:
11:20:35.0645 2800 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000800, BlocksNum 0x32000
11:20:35.0645 2800 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2032800, BlocksNum 0x38353000
11:20:35.0645 2800 ============================================================
11:20:35.0711 2800 C: <-> \Device\Harddisk0\DR0\Partition2
11:20:35.0711 2800 ============================================================
11:20:35.0711 2800 Initialize success
11:20:35.0711 2800 ============================================================
11:21:21.0131 3480 ============================================================
11:21:21.0132 3480 Scan started
11:21:21.0132 3480 Mode: Manual; TDLFS;
11:21:21.0132 3480 ============================================================
11:21:21.0861 3480 ================ Scan system memory ========================
11:21:21.0861 3480 System memory - ok
11:21:21.0862 3480 ================ Scan services =============================
11:21:22.0384 3480 0114281345922330mcinstcleanup - ok
11:21:23.0871 3480 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:21:23.0877 3480 1394ohci - ok
11:21:23.0975 3480 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:21:24.0111 3480 ACPI - ok
11:21:24.0398 3480 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:21:24.0400 3480 AcpiPmi - ok
11:21:24.0865 3480 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:21:24.0868 3480 AdobeARMservice - ok
11:21:26.0215 3480 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:21:26.0261 3480 AdobeFlashPlayerUpdateSvc - ok
11:21:26.0563 3480 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:21:26.0576 3480 adp94xx - ok
11:21:26.0908 3480 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:21:26.0916 3480 adpahci - ok
11:21:27.0034 3480 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:21:27.0039 3480 adpu320 - ok
11:21:27.0110 3480 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:21:27.0113 3480 AeLookupSvc - ok
11:21:27.0397 3480 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:21:27.0408 3480 AFD - ok
11:21:27.0462 3480 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:21:27.0465 3480 agp440 - ok
11:21:27.0541 3480 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:21:27.0939 3480 ALG - ok
11:21:28.0047 3480 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:21:28.0064 3480 aliide - ok
11:21:28.0184 3480 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:21:28.0187 3480 amdide - ok
11:21:28.0269 3480 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:21:28.0271 3480 AmdK8 - ok
11:21:28.0302 3480 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:21:28.0305 3480 AmdPPM - ok
11:21:28.0376 3480 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:21:28.0404 3480 amdsata - ok
11:21:28.0475 3480 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:21:28.0480 3480 amdsbs - ok
11:21:28.0508 3480 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:21:28.0511 3480 amdxata - ok
11:21:28.0731 3480 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:21:28.0734 3480 AppID - ok
11:21:28.0802 3480 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:21:29.0551 3480 AppIDSvc - ok
11:21:29.0650 3480 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:21:29.0987 3480 Appinfo - ok
11:21:30.0159 3480 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:21:30.0162 3480 Apple Mobile Device - ok
11:21:30.0223 3480 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
11:21:30.0227 3480 arc - ok
11:21:30.0281 3480 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:21:30.0284 3480 arcsas - ok
11:21:30.0328 3480 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:21:30.0331 3480 AsyncMac - ok
11:21:30.0391 3480 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:21:30.0394 3480 atapi - ok
11:21:31.0662 3480 [ CC406DA84E7DD3FA3AD20340DBC66CF2 ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:21:31.0742 3480 athr - ok
11:21:31.0967 3480 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:21:31.0984 3480 AudioEndpointBuilder - ok
11:21:32.0007 3480 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:21:32.0016 3480 AudioSrv - ok
11:21:33.0270 3480 [ 1D7D0D5D33D8B1507EC5FBFE332E5657 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
11:21:33.0420 3480 AVGIDSAgent - ok
11:21:34.0032 3480 [ 5FD4D6C35738899905E16E5284981427 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
11:21:34.0036 3480 AVGIDSDriver - ok
11:21:34.0061 3480 [ 132251CBBB95062E12FF21E212EB8FB4 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
11:21:34.0171 3480 AVGIDSHA - ok
11:21:34.0363 3480 [ 996FCACE7A8EFD926C8BB2C70A40C83F ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
11:21:34.0407 3480 Avgldx64 - ok
11:21:34.0654 3480 [ 3E0E2D8CD63C58A37CF81704E83459DD ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
11:21:34.0660 3480 Avgloga - ok
11:21:34.0700 3480 [ DC353C527816297BD11B13EA60C9BE75 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
11:21:34.0841 3480 Avgmfx64 - ok
11:21:34.0978 3480 [ 639CBC2F67FB25F9AB31957D9BF5CF8F ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
11:21:35.0142 3480 Avgrkx64 - ok
11:21:35.0549 3480 [ 1917293728A872BF520952F69E024FE6 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
11:21:35.0554 3480 Avgtdia - ok
11:21:35.0687 3480 [ DE24B2CA078FC6A7EAA53B1DFD3F61CF ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
11:21:35.0800 3480 avgtp - ok
11:21:35.0900 3480 [ 42F11F37CC06D9AB6528AF2E215B8799 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
11:21:35.0905 3480 avgwd - ok
11:21:35.0958 3480 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:21:36.0306 3480 AxInstSV - ok
11:21:36.0950 3480 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:21:36.0961 3480 b06bdrv - ok
11:21:37.0269 3480 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:21:37.0273 3480 b57nd60a - ok
11:21:37.0744 3480 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
11:21:37.0762 3480 BBSvc - ok
11:21:38.0890 3480 [ 85111026F1C5A1C4CCE3697F0DA7BC1A ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
11:21:38.0980 3480 BCM43XX - ok
11:21:39.0115 3480 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:21:39.0837 3480 BDESVC - ok
11:21:40.0024 3480 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:21:40.0026 3480 Beep - ok
11:21:40.0095 3480 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:21:40.0293 3480 BFE - ok
11:21:40.0343 3480 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
11:21:40.0384 3480 BITS - ok
11:21:40.0437 3480 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:21:40.0440 3480 blbdrive - ok
11:21:40.0488 3480 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
11:21:40.0496 3480 Bonjour Service - ok
11:21:40.0551 3480 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:21:40.0555 3480 bowser - ok
11:21:40.0603 3480 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:21:40.0605 3480 BrFiltLo - ok
11:21:40.0610 3480 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:21:40.0612 3480 BrFiltUp - ok
11:21:40.0650 3480 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:21:40.0817 3480 Browser - ok
11:21:40.0846 3480 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:21:40.0854 3480 Brserid - ok
11:21:40.0862 3480 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:21:40.0866 3480 BrSerWdm - ok
11:21:40.0873 3480 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:21:40.0876 3480 BrUsbMdm - ok
11:21:40.0882 3480 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:21:40.0884 3480 BrUsbSer - ok
11:21:40.0903 3480 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:21:40.0906 3480 BTHMODEM - ok
11:21:40.0934 3480 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:21:41.0278 3480 bthserv - ok
11:21:41.0301 3480 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:21:41.0305 3480 cdfs - ok
11:21:41.0358 3480 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
11:21:41.0365 3480 cdrom - ok
11:21:41.0400 3480 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:21:41.0402 3480 CertPropSvc - ok
11:21:41.0446 3480 [ 274CE03459896006F7A5069266E0469E ] cfwids C:\Windows\system32\drivers\cfwids.sys
11:21:41.0448 3480 cfwids - ok
11:21:41.0474 3480 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
11:21:41.0477 3480 circlass - ok
11:21:41.0515 3480 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:21:41.0521 3480 CLFS - ok
11:21:41.0651 3480 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:21:41.0675 3480 clr_optimization_v2.0.50727_32 - ok
11:21:41.0707 3480 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:21:41.0714 3480 clr_optimization_v2.0.50727_64 - ok
11:21:41.0830 3480 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:21:41.0880 3480 clr_optimization_v4.0.30319_32 - ok
11:21:41.0919 3480 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:21:41.0932 3480 clr_optimization_v4.0.30319_64 - ok
11:21:41.0981 3480 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
11:21:41.0984 3480 CmBatt - ok
11:21:41.0998 3480 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:21:42.0011 3480 cmdide - ok
11:21:42.0065 3480 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
11:21:42.0073 3480 CNG - ok
11:21:42.0125 3480 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:21:42.0143 3480 Compbatt - ok
11:21:42.0173 3480 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:21:42.0176 3480 CompositeBus - ok
11:21:42.0196 3480 COMSysApp - ok
11:21:42.0210 3480 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:21:42.0213 3480 crcdisk - ok
11:21:42.0248 3480 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:21:42.0260 3480 CryptSvc - ok
11:21:42.0298 3480 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:21:42.0311 3480 DcomLaunch - ok
11:21:42.0344 3480 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:21:42.0544 3480 defragsvc - ok
11:21:42.0563 3480 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:21:42.0567 3480 DfsC - ok
11:21:42.0620 3480 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:21:42.0628 3480 Dhcp - ok
11:21:42.0658 3480 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:21:42.0661 3480 discache - ok
11:21:42.0700 3480 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
11:21:42.0703 3480 Disk - ok
11:21:42.0735 3480 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:21:42.0888 3480 Dnscache - ok
11:21:42.0929 3480 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:21:42.0936 3480 dot3svc - ok
11:21:42.0950 3480 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:21:42.0956 3480 DPS - ok
11:21:42.0996 3480 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:21:42.0998 3480 drmkaud - ok
11:21:43.0055 3480 [ 32C2CD16DC801AEF9EDAAFEA0DBD769E ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
11:21:43.0063 3480 DsiWMIService - ok
11:21:43.0132 3480 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:21:43.0167 3480 DXGKrnl - ok
11:21:43.0207 3480 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:21:43.0383 3480 EapHost - ok
11:21:43.0510 3480 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:21:43.0603 3480 ebdrv - ok
11:21:43.0676 3480 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:21:43.0679 3480 EFS - ok
11:21:43.0721 3480 [ 03E6888DA1A85ACF14AC2A3C328A9E62 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
11:21:43.0738 3480 EgisTec Ticket Service - ok
11:21:43.0793 3480 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:21:44.0003 3480 ehRecvr - ok
11:21:44.0039 3480 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:21:44.0183 3480 ehSched - ok
11:21:44.0250 3480 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:21:44.0261 3480 elxstor - ok
11:21:44.0395 3480 [ EB1C213A8550F066B2CCC29C9F41E2AE ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
11:21:44.0417 3480 ePowerSvc - ok
11:21:44.0467 3480 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:21:44.0469 3480 ErrDev - ok
11:21:44.0532 3480 [ DBAA0C650C9549DC5C599D1E81DEDAAD ] ETD C:\Windows\system32\DRIVERS\ETD.sys
11:21:44.0659 3480 ETD - ok
11:21:44.0714 3480 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:21:44.0721 3480 EventSystem - ok
11:21:44.0757 3480 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:21:44.0761 3480 exfat - ok
11:21:44.0797 3480 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:21:44.0801 3480 fastfat - ok
11:21:44.0838 3480 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:21:45.0154 3480 Fax - ok
11:21:45.0205 3480 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
11:21:45.0218 3480 fdc - ok
11:21:45.0264 3480 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:21:45.0421 3480 fdPHost - ok
11:21:45.0479 3480 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:21:45.0669 3480 FDResPub - ok
11:21:45.0711 3480 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:21:45.0715 3480 FileInfo - ok
11:21:45.0734 3480 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:21:45.0737 3480 Filetrace - ok
11:21:45.0792 3480 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:21:45.0810 3480 FLEXnet Licensing Service - ok
11:21:45.0864 3480 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:21:45.0867 3480 flpydisk - ok
11:21:45.0888 3480 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:21:45.0896 3480 FltMgr - ok
11:21:45.0989 3480 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:21:46.0313 3480 FontCache - ok
11:21:46.0369 3480 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:21:46.0374 3480 FontCache3.0.0.0 - ok
11:21:46.0407 3480 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:21:46.0410 3480 FsDepends - ok
11:21:46.0451 3480 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:21:46.0477 3480 Fs_Rec - ok
11:21:46.0512 3480 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:21:46.0518 3480 fvevol - ok
11:21:46.0547 3480 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:21:46.0551 3480 gagp30kx - ok
11:21:46.0620 3480 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:21:46.0656 3480 GamesAppService - ok
11:21:46.0698 3480 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:21:46.0815 3480 GEARAspiWDM - ok
11:21:46.0856 3480 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:21:47.0044 3480 gpsvc - ok
11:21:47.0096 3480 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
11:21:47.0099 3480 GREGService - ok
11:21:47.0127 3480 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:21:47.0130 3480 hcw85cir - ok
11:21:47.0162 3480 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:21:47.0171 3480 HdAudAddService - ok
11:21:47.0213 3480 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:21:47.0218 3480 HDAudBus - ok
11:21:47.0251 3480 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
11:21:47.0254 3480 HECIx64 - ok
11:21:47.0261 3480 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:21:47.0264 3480 HidBatt - ok
11:21:47.0273 3480 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:21:47.0277 3480 HidBth - ok
11:21:47.0299 3480 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
11:21:47.0302 3480 HidIr - ok
11:21:47.0336 3480 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:21:47.0472 3480 hidserv - ok
11:21:47.0511 3480 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:21:47.0514 3480 HidUsb - ok
11:21:47.0544 3480 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:21:47.0894 3480 hkmsvc - ok
11:21:48.0104 3480 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:21:48.0263 3480 HomeGroupListener - ok
11:21:48.0302 3480 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:21:48.0442 3480 HomeGroupProvider - ok
11:21:48.0468 3480 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:21:48.0470 3480 HpSAMD - ok
11:21:48.0514 3480 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:21:48.0525 3480 HTTP - ok
11:21:48.0560 3480 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:21:48.0562 3480 hwpolicy - ok
11:21:48.0594 3480 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:21:48.0597 3480 i8042prt - ok
11:21:48.0636 3480 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\drivers\iaStor.sys
11:21:48.0641 3480 iaStor - ok
11:21:48.0713 3480 [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:21:48.0715 3480 IAStorDataMgrSvc - ok
11:21:48.0753 3480 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:21:48.0762 3480 iaStorV - ok
11:21:48.0847 3480 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:21:48.0892 3480 idsvc - ok
11:21:49.0128 3480 [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:21:49.0321 3480 igfx - ok
11:21:49.0342 3480 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:21:49.0344 3480 iirsp - ok
11:21:49.0376 3480 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:21:49.0568 3480 IKEEXT - ok
11:21:49.0632 3480 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
11:21:49.0637 3480 Impcd - ok
11:21:49.0743 3480 [ 650D06E28A43E365A01EC4EE0946FC24 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:21:49.0820 3480 IntcAzAudAddService - ok
11:21:49.0831 3480 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:21:49.0833 3480 intelide - ok
11:21:49.0856 3480 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:21:49.0858 3480 intelppm - ok
11:21:49.0894 3480 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:21:50.0067 3480 IPBusEnum - ok
11:21:50.0091 3480 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:21:50.0095 3480 IpFilterDriver - ok
11:21:50.0139 3480 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:21:50.0151 3480 iphlpsvc - ok
11:21:50.0159 3480 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:21:50.0162 3480 IPMIDRV - ok
11:21:50.0181 3480 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:21:50.0184 3480 IPNAT - ok
11:21:50.0228 3480 [ FDF57F795098AB29AF780824315C9859 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:21:50.0244 3480 iPod Service - ok
11:21:50.0269 3480 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:21:50.0271 3480 IRENUM - ok
11:21:50.0276 3480 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:21:50.0278 3480 isapnp - ok
11:21:50.0300 3480 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:21:50.0305 3480 iScsiPrt - ok
11:21:50.0341 3480 [ 0469BFF65BBDEE9E46D0C45EE32A08BD ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
11:21:50.0347 3480 k57nd60a - ok
11:21:50.0376 3480 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
11:21:50.0379 3480 kbdclass - ok
11:21:50.0393 3480 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
11:21:50.0395 3480 kbdhid - ok
11:21:50.0421 3480 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:21:50.0424 3480 KeyIso - ok
11:21:50.0459 3480 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:21:50.0547 3480 KSecDD - ok
11:21:50.0558 3480 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:21:50.0668 3480 KSecPkg - ok
11:21:50.0687 3480 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:21:50.0689 3480 ksthunk - ok
11:21:50.0721 3480 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:21:50.0834 3480 KtmRm - ok
11:21:50.0883 3480 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:21:50.0893 3480 LanmanServer - ok
11:21:50.0944 3480 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:21:51.0066 3480 LanmanWorkstation - ok
11:21:51.0122 3480 [ 6BCEE9C766815BFFF89DE7D81AF34CE1 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
11:21:51.0128 3480 Live Updater Service - ok
11:21:51.0161 3480 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:21:51.0165 3480 lltdio - ok
11:21:51.0201 3480 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:21:51.0334 3480 lltdsvc - ok
11:21:51.0367 3480 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:21:51.0371 3480 lmhosts - ok
11:21:51.0444 3480 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:21:51.0451 3480 LMS - ok
11:21:51.0478 3480 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:21:51.0482 3480 LSI_FC - ok
11:21:51.0505 3480 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:21:51.0510 3480 LSI_SAS - ok
11:21:51.0517 3480 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:21:51.0521 3480 LSI_SAS2 - ok
11:21:51.0528 3480 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:21:51.0531 3480 LSI_SCSI - ok
11:21:51.0551 3480 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:21:51.0554 3480 luafv - ok
11:21:51.0627 3480 [ ACB01BF1A905356AB7F978C7FE852209 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:21:51.0633 3480 McAfee SiteAdvisor Service - ok
11:21:51.0730 3480 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
11:21:51.0747 3480 McComponentHostService - ok
11:21:51.0772 3480 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:21:51.0776 3480 McMPFSvc - ok
11:21:51.0830 3480 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:21:51.0834 3480 mcmscsvc - ok
11:21:51.0843 3480 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:21:51.0847 3480 McNaiAnn - ok
11:21:51.0859 3480 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:21:51.0862 3480 McNASvc - ok
11:21:52.0003 3480 [ 44D0DA102FA7A1BE22FD7499E80DCF9B ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
11:21:52.0010 3480 McODS - ok
11:21:52.0020 3480 [ ACB01BF1A905356AB7F978C7FE852209 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:21:52.0025 3480 McOobeSv - ok
11:21:52.0035 3480 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:21:52.0038 3480 McProxy - ok
11:21:52.0074 3480 [ E998E3B12101288D716558466CBF6AE1 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:21:52.0078 3480 McShield - ok
11:21:52.0106 3480 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:21:52.0191 3480 Mcx2Svc - ok
11:21:52.0231 3480 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:21:52.0234 3480 megasas - ok
11:21:52.0258 3480 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:21:52.0266 3480 MegaSR - ok
11:21:52.0350 3480 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
11:21:52.0355 3480 mfeapfk - ok
11:21:52.0395 3480 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
11:21:52.0401 3480 mfeavfk - ok
11:21:52.0423 3480 mfeavfk01 - ok
11:21:52.0466 3480 [ B26782C3D6045B4464017D7926877560 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:21:52.0471 3480 mfefire - ok
11:21:52.0513 3480 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
11:21:52.0524 3480 mfefirek - ok
11:21:52.0607 3480 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
11:21:52.0625 3480 mfehidk - ok
11:21:52.0654 3480 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
11:21:52.0658 3480 mfenlfk - ok
11:21:52.0685 3480 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
11:21:52.0811 3480 mferkdet - ok
11:21:52.0844 3480 [ 723A5EB6CEF7F408C3D0F15A82A6BFF8 ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
11:21:52.0848 3480 mfevtp - ok
11:21:52.0872 3480 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
11:21:52.0880 3480 mfewfpk - ok
11:21:52.0965 3480 Microsoft SharePoint Workspace Audit Service - ok
11:21:52.0999 3480 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:21:53.0004 3480 MMCSS - ok
11:21:53.0025 3480 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:21:53.0029 3480 Modem - ok
11:21:53.0074 3480 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:21:53.0075 3480 monitor - ok
11:21:53.0098 3480 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:21:53.0102 3480 mouclass - ok
11:21:53.0110 3480 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
11:21:53.0113 3480 mouhid - ok
11:21:53.0142 3480 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:21:53.0145 3480 mountmgr - ok
11:21:53.0222 3480 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:21:53.0227 3480 MozillaMaintenance - ok
11:21:53.0246 3480 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:21:53.0251 3480 mpio - ok
11:21:53.0268 3480 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:21:53.0271 3480 mpsdrv - ok
11:21:53.0325 3480 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:21:53.0361 3480 MpsSvc - ok
11:21:53.0386 3480 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:21:53.0392 3480 MRxDAV - ok
11:21:53.0438 3480 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:21:53.0444 3480 mrxsmb - ok
11:21:53.0463 3480 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:21:53.0592 3480 mrxsmb10 - ok
11:21:53.0622 3480 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:21:53.0625 3480 mrxsmb20 - ok
11:21:53.0644 3480 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:21:53.0647 3480 msahci - ok
11:21:53.0653 3480 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:21:53.0657 3480 msdsm - ok
11:21:53.0683 3480 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:21:54.0002 3480 MSDTC - ok
11:21:54.0040 3480 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:21:54.0042 3480 Msfs - ok
11:21:54.0070 3480 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:21:54.0072 3480 mshidkmdf - ok
11:21:54.0102 3480 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:21:54.0132 3480 msisadrv - ok
11:21:54.0278 3480 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:21:54.0465 3480 MSiSCSI - ok
11:21:54.0475 3480 msiserver - ok
11:21:54.0503 3480 [ ACB01BF1A905356AB7F978C7FE852209 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:21:54.0505 3480 MSK80Service - ok
11:21:54.0554 3480 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:21:54.0556 3480 MSKSSRV - ok
11:21:54.0562 3480 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:21:54.0568 3480 MSPCLOCK - ok
11:21:54.0587 3480 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:21:54.0589 3480 MSPQM - ok
11:21:54.0612 3480 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:21:54.0618 3480 MsRPC - ok
11:21:54.0648 3480 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:21:54.0650 3480 mssmbios - ok
11:21:54.0654 3480 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:21:54.0656 3480 MSTEE - ok
11:21:54.0660 3480 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:21:54.0662 3480 MTConfig - ok
11:21:54.0688 3480 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:21:54.0690 3480 Mup - ok
11:21:54.0747 3480 [ 9B1EAC6FAF6F37305E822F5588DC8056 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
11:21:54.0750 3480 mwlPSDFilter - ok
11:21:54.0778 3480 [ AD55C1524B296280ED9C6E0D730D35DA ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
11:21:54.0781 3480 mwlPSDNServ - ok
11:21:54.0796 3480 [ 2B599E6EC8843637BDD62E7F8F3BA201 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
11:21:54.0798 3480 mwlPSDVDisk - ok
11:21:54.0829 3480 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:21:54.0836 3480 napagent - ok
11:21:54.0875 3480 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:21:54.0880 3480 NativeWifiP - ok
11:21:55.0011 3480 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:21:55.0029 3480 NDIS - ok
11:21:55.0051 3480 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:21:55.0053 3480 NdisCap - ok
11:21:55.0127 3480 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:21:55.0129 3480 NdisTapi - ok
11:21:55.0161 3480 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:21:55.0164 3480 Ndisuio - ok
11:21:55.0196 3480 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:21:55.0201 3480 NdisWan - ok
11:21:55.0227 3480 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:21:55.0230 3480 NDProxy - ok
11:21:55.0397 3480 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:21:55.0908 3480 Net Driver HPZ12 - ok
11:21:55.0955 3480 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:21:55.0958 3480 NetBIOS - ok
11:21:55.0996 3480 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:21:56.0001 3480 NetBT - ok
11:21:56.0032 3480 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:21:56.0034 3480 Netlogon - ok
11:21:56.0085 3480 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:21:56.0093 3480 Netman - ok
11:21:56.0103 3480 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:21:56.0110 3480 netprofm - ok
11:21:56.0158 3480 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:21:56.0162 3480 NetTcpPortSharing - ok
11:21:56.0217 3480 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:21:56.0222 3480 nfrd960 - ok
11:21:56.0299 3480 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:21:56.0308 3480 NlaSvc - ok
11:21:56.0433 3480 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
11:21:56.0511 3480 NOBU - ok
11:21:56.0533 3480 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:21:56.0535 3480 Npfs - ok
11:21:56.0559 3480 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:21:56.0662 3480 nsi - ok
11:21:56.0756 3480 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:21:56.0759 3480 nsiproxy - ok
11:21:56.0835 3480 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:21:56.0882 3480 Ntfs - ok
11:21:56.0954 3480 [ 773EED20BBF50809437373C0285BFA5E ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
11:21:56.0960 3480 NTI IScheduleSvc - ok
11:21:56.0972 3480 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
11:21:57.0089 3480 NTIDrvr - ok
11:21:57.0121 3480 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:21:57.0123 3480 Null - ok
11:21:57.0176 3480 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:21:57.0181 3480 nvraid - ok
11:21:57.0221 3480 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:21:57.0364 3480 nvstor - ok
11:21:57.0382 3480 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:21:57.0385 3480 nv_agp - ok
11:21:57.0391 3480 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:21:57.0394 3480 ohci1394 - ok
11:21:57.0483 3480 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:21:57.0488 3480 ose - ok
11:21:57.0655 3480 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:21:57.0779 3480 osppsvc - ok
11:21:57.0831 3480 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:21:57.0837 3480 p2pimsvc - ok
11:21:57.0869 3480 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:21:58.0076 3480 p2psvc - ok
11:21:58.0114 3480 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
11:21:58.0117 3480 Parport - ok
11:21:58.0145 3480 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:21:58.0148 3480 partmgr - ok
11:21:58.0174 3480 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:21:58.0361 3480 PcaSvc - ok
11:21:58.0391 3480 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:21:58.0397 3480 pci - ok
11:21:58.0419 3480 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:21:58.0422 3480 pciide - ok
11:21:58.0433 3480 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:21:58.0439 3480 pcmcia - ok
11:21:58.0466 3480 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:21:58.0474 3480 pcw - ok
11:21:58.0486 3480 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:21:58.0495 3480 PEAUTH - ok
11:21:58.0622 3480 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:21:58.0794 3480 PerfHost - ok
11:21:58.0906 3480 [ 41EAB79598B57AFF63CCE8DD5057D1DA ] Pharos Systems ComTaskMaster C:\PROGRA~2\PHAROS~1\Core\CTskMstr.exe
11:21:58.0913 3480 Pharos Systems ComTaskMaster - ok
11:21:58.0987 3480 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:21:59.0034 3480 pla - ok
11:21:59.0099 3480 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:21:59.0111 3480 PlugPlay - ok
11:21:59.0132 3480 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:21:59.0212 3480 Pml Driver HPZ12 - ok
11:21:59.0227 3480 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:21:59.0362 3480 PNRPAutoReg - ok
11:21:59.0388 3480 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:21:59.0396 3480 PNRPsvc - ok
11:21:59.0428 3480 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:21:59.0565 3480 PolicyAgent - ok
11:21:59.0641 3480 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:21:59.0646 3480 Power - ok
11:21:59.0685 3480 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:21:59.0689 3480 PptpMiniport - ok
11:21:59.0717 3480 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:21:59.0720 3480 Processor - ok
11:21:59.0760 3480 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:21:59.0860 3480 ProfSvc - ok
11:21:59.0887 3480 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:21:59.0891 3480 ProtectedStorage - ok
11:21:59.0923 3480 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:21:59.0927 3480 Psched - ok
11:21:59.0968 3480 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:22:00.0002 3480 ql2300 - ok
11:22:00.0016 3480 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:22:00.0020 3480 ql40xx - ok
11:22:00.0043 3480 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:22:00.0050 3480 QWAVE - ok
11:22:00.0067 3480 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:22:00.0070 3480 QWAVEdrv - ok
11:22:00.0075 3480 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:22:00.0078 3480 RasAcd - ok
11:22:00.0128 3480 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:22:00.0132 3480 RasAgileVpn - ok
11:22:00.0152 3480 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:22:00.0157 3480 RasAuto - ok
11:22:00.0178 3480 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:22:00.0182 3480 Rasl2tp - ok
11:22:00.0201 3480 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:22:00.0208 3480 RasMan - ok
11:22:00.0230 3480 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:22:00.0233 3480 RasPppoe - ok
11:22:00.0243 3480 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:22:00.0246 3480 RasSstp - ok
11:22:00.0264 3480 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:22:00.0269 3480 rdbss - ok
11:22:00.0299 3480 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:22:00.0301 3480 rdpbus - ok
11:22:00.0334 3480 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:22:00.0337 3480 RDPCDD - ok
11:22:00.0358 3480 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:22:00.0361 3480 RDPENCDD - ok
11:22:00.0384 3480 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:22:00.0390 3480 RDPREFMP - ok
11:22:00.0426 3480 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:22:00.0431 3480 RDPWD - ok
11:22:00.0454 3480 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:22:00.0459 3480 rdyboost - ok
11:22:00.0493 3480 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:22:00.0497 3480 RemoteAccess - ok
11:22:00.0521 3480 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:22:00.0526 3480 RemoteRegistry - ok
11:22:00.0542 3480 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:22:00.0628 3480 RpcEptMapper - ok
11:22:00.0686 3480 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:22:00.0806 3480 RpcLocator - ok
11:22:00.0841 3480 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:22:00.0852 3480 RpcSs - ok
11:22:00.0895 3480 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:22:00.0899 3480 rspndr - ok
11:22:00.0946 3480 [ 0E3DCF76F11DC431B088A2DFD7265CDA ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
11:22:00.0952 3480 RSUSBSTOR - ok
11:22:00.0965 3480 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:22:00.0969 3480 SamSs - ok
11:22:00.0988 3480 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:22:00.0991 3480 sbp2port - ok
11:22:01.0029 3480 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:22:01.0041 3480 SCardSvr - ok
11:22:01.0066 3480 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:22:01.0069 3480 scfilter - ok
11:22:01.0101 3480 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:22:01.0137 3480 Schedule - ok
11:22:01.0177 3480 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:22:01.0178 3480 SCPolicySvc - ok
11:22:01.0194 3480 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:22:01.0501 3480 SDRSVC - ok
11:22:01.0585 3480 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
11:22:01.0591 3480 SeaPort - ok
11:22:01.0635 3480 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:22:01.0638 3480 secdrv - ok
11:22:01.0688 3480 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:22:01.0784 3480 seclogon - ok
11:22:01.0836 3480 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:22:01.0842 3480 SENS - ok
11:22:01.0850 3480 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:22:01.0996 3480 SensrSvc - ok
11:22:02.0025 3480 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
11:22:02.0029 3480 Serenum - ok
11:22:02.0050 3480 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
11:22:02.0054 3480 Serial - ok
11:22:02.0062 3480 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:22:02.0065 3480 sermouse - ok
11:22:02.0137 3480 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:22:02.0142 3480 SessionEnv - ok
11:22:02.0147 3480 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:22:02.0149 3480 sffdisk - ok
11:22:02.0154 3480 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:22:02.0156 3480 sffp_mmc - ok
11:22:02.0162 3480 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:22:02.0165 3480 sffp_sd - ok
11:22:02.0217 3480 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:22:02.0220 3480 sfloppy - ok
11:22:02.0270 3480 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:22:02.0280 3480 SharedAccess - ok
11:22:02.0317 3480 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:22:02.0325 3480 ShellHWDetection - ok
11:22:02.0346 3480 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:22:02.0349 3480 SiSRaid2 - ok
11:22:02.0354 3480 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:22:02.0357 3480 SiSRaid4 - ok
11:22:02.0534 3480 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
11:22:02.0633 3480 Skype C2C Service - ok
11:22:02.0720 3480 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:22:02.0731 3480 SkypeUpdate - ok
11:22:02.0768 3480 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:22:02.0773 3480 Smb - ok
11:22:02.0819 3480 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:22:02.0890 3480 SNMPTRAP - ok
11:22:02.0909 3480 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:22:02.0913 3480 spldr - ok
11:22:02.0947 3480 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:22:02.0966 3480 Spooler - ok
11:22:03.0078 3480 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:22:03.0402 3480 sppsvc - ok
11:22:03.0420 3480 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:22:03.0424 3480 sppuinotify - ok
11:22:03.0469 3480 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:22:03.0480 3480 srv - ok
11:22:03.0504 3480 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:22:03.0511 3480 srv2 - ok
11:22:03.0545 3480 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:22:03.0549 3480 srvnet - ok
11:22:03.0586 3480 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:22:03.0594 3480 SSDPSRV - ok
11:22:03.0611 3480 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:22:03.0617 3480 SstpSvc - ok
11:22:03.0654 3480 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:22:03.0656 3480 stexstor - ok
11:22:03.0699 3480 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:22:03.0710 3480 stisvc - ok
11:22:03.0749 3480 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:22:03.0751 3480 swenum - ok
11:22:03.0775 3480 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:22:03.0916 3480 swprv - ok
11:22:03.0989 3480 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:22:04.0243 3480 SysMain - ok
11:22:04.0280 3480 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:22:04.0374 3480 TabletInputService - ok
11:22:04.0400 3480 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:22:04.0411 3480 TapiSrv - ok
11:22:04.0430 3480 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:22:04.0434 3480 TBS - ok
11:22:04.0515 3480 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:22:04.0576 3480 Tcpip - ok
11:22:04.0630 3480 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:22:04.0644 3480 TCPIP6 - ok
11:22:04.0671 3480 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:22:04.0673 3480 tcpipreg - ok
11:22:04.0698 3480 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:22:04.0700 3480 TDPIPE - ok
11:22:04.0735 3480 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:22:04.0737 3480 TDTCP - ok
11:22:04.0756 3480 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:22:04.0759 3480 tdx - ok
11:22:04.0786 3480 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:22:04.0788 3480 TermDD - ok
11:22:04.0820 3480 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:22:04.0836 3480 TermService - ok
11:22:04.0845 3480 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:22:05.0129 3480 Themes - ok
11:22:05.0153 3480 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:22:05.0158 3480 THREADORDER - ok
11:22:05.0190 3480 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:22:05.0306 3480 TrkWks - ok
11:22:05.0384 3480 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:22:05.0390 3480 TrustedInstaller - ok
11:22:05.0408 3480 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:22:05.0412 3480 tssecsrv - ok
11:22:05.0436 3480 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:22:05.0438 3480 TsUsbFlt - ok
11:22:05.0460 3480 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:22:05.0462 3480 TsUsbGD - ok
11:22:05.0493 3480 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:22:05.0497 3480 tunnel - ok
11:22:05.0504 3480 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:22:05.0507 3480 uagp35 - ok
11:22:05.0512 3480 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
11:22:05.0514 3480 UBHelper - ok
11:22:05.0534 3480 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:22:05.0540 3480 udfs - ok
11:22:05.0576 3480 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:22:05.0819 3480 UI0Detect - ok
11:22:05.0838 3480 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:22:05.0842 3480 uliagpkx - ok
11:22:05.0889 3480 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:22:05.0892 3480 umbus - ok
11:22:05.0901 3480 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:22:05.0903 3480 UmPass - ok
11:22:06.0282 3480 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:22:06.0363 3480 UNS - ok
11:22:06.0409 3480 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:22:06.0420 3480 upnphost - ok
11:22:06.0470 3480 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:22:06.0474 3480 USBAAPL64 - ok
11:22:06.0515 3480 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:22:06.0519 3480 usbccgp - ok
11:22:06.0556 3480 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:22:06.0560 3480 usbcir - ok
11:22:06.0577 3480 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:22:06.0581 3480 usbehci - ok
11:22:06.0618 3480 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:22:06.0624 3480 usbhub - ok
11:22:06.0662 3480 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:22:06.0665 3480 usbohci - ok
11:22:06.0685 3480 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:22:06.0687 3480 usbprint - ok
11:22:06.0744 3480 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:22:06.0753 3480 usbscan - ok
11:22:06.0779 3480 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:22:06.0782 3480 USBSTOR - ok
11:22:06.0802 3480 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:22:06.0805 3480 usbuhci - ok
11:22:06.0819 3480 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:22:06.0824 3480 usbvideo - ok
11:22:06.0847 3480 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:22:06.0992 3480 UxSms - ok
11:22:07.0000 3480 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:22:07.0004 3480 VaultSvc - ok
11:22:07.0036 3480 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:22:07.0038 3480 vdrvroot - ok
11:22:07.0079 3480 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:22:07.0189 3480 vds - ok
11:22:07.0227 3480 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:22:07.0231 3480 vga - ok
11:22:07.0254 3480 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:22:07.0257 3480 VgaSave - ok
11:22:07.0269 3480 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:22:07.0275 3480 vhdmp - ok
11:22:07.0284 3480 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:22:07.0287 3480 viaide - ok
11:22:07.0299 3480 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:22:07.0303 3480 volmgr - ok
11:22:07.0326 3480 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:22:07.0331 3480 volmgrx - ok
11:22:07.0339 3480 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:22:07.0344 3480 volsnap - ok
11:22:07.0364 3480 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:22:07.0368 3480 vsmraid - ok
11:22:07.0421 3480 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:22:07.0595 3480 VSS - ok
11:22:07.0683 3480 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
11:22:07.0701 3480 vToolbarUpdater12.2.6 - ok
11:22:07.0724 3480 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:22:07.0727 3480 vwifibus - ok
11:22:07.0748 3480 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:22:07.0750 3480 vwififlt - ok
11:22:07.0784 3480 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:22:07.0868 3480 W32Time - ok
11:22:07.0922 3480 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:22:07.0925 3480 WacomPen - ok
11:22:07.0968 3480 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:22:07.0972 3480 WANARP - ok
11:22:07.0991 3480 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:22:07.0994 3480 Wanarpv6 - ok
11:22:08.0077 3480 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:22:08.0113 3480 WatAdminSvc - ok
11:22:08.0160 3480 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:22:08.0556 3480 wbengine - ok
11:22:08.0576 3480 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:22:08.0695 3480 WbioSrvc - ok
11:22:08.0730 3480 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:22:08.0742 3480 wcncsvc - ok
11:22:08.0758 3480 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:22:08.0762 3480 WcsPlugInService - ok
11:22:08.0791 3480 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:22:08.0794 3480 Wd - ok
11:22:08.0824 3480 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:22:08.0834 3480 Wdf01000 - ok
11:22:08.0854 3480 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:22:08.0858 3480 WdiServiceHost - ok
11:22:08.0863 3480 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:22:08.0866 3480 WdiSystemHost - ok
11:22:08.0886 3480 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:22:08.0892 3480 WebClient - ok
11:22:08.0912 3480 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:22:08.0918 3480 Wecsvc - ok
11:22:08.0935 3480 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:22:09.0138 3480 wercplsupport - ok
11:22:09.0187 3480 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:22:09.0194 3480 WerSvc - ok
11:22:09.0226 3480 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:22:09.0229 3480 WfpLwf - ok
11:22:09.0243 3480 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:22:09.0247 3480 WIMMount - ok
11:22:09.0271 3480 WinDefend - ok
11:22:09.0278 3480 WinHttpAutoProxySvc - ok
11:22:09.0343 3480 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:22:09.0372 3480 Winmgmt - ok
11:22:09.0519 3480 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:22:09.0545 3480 WinRM - ok
11:22:09.0611 3480 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:22:09.0630 3480 Wlansvc - ok
11:22:09.0678 3480 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:22:09.0681 3480 wlcrasvc - ok
11:22:09.0774 3480 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:22:09.0816 3480 wlidsvc - ok
11:22:09.0877 3480 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:22:09.0880 3480 WmiAcpi - ok
11:22:09.0939 3480 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:22:10.0124 3480 wmiApSrv - ok
11:22:10.0158 3480 WMPNetworkSvc - ok
11:22:10.0189 3480 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:22:10.0195 3480 WPCSvc - ok
11:22:10.0210 3480 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:22:10.0217 3480 WPDBusEnum - ok
11:22:10.0230 3480 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:22:10.0232 3480 ws2ifsl - ok
11:22:10.0249 3480 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:22:10.0253 3480 wscsvc - ok
11:22:10.0258 3480 WSearch - ok
11:22:10.0363 3480 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:22:10.0444 3480 wuauserv - ok
11:22:10.0496 3480 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:22:10.0501 3480 WudfPf - ok
11:22:10.0537 3480 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:22:10.0542 3480 WUDFRd - ok
11:22:10.0579 3480 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:22:10.0707 3480 wudfsvc - ok
11:22:10.0731 3480 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:22:10.0965 3480 WwanSvc - ok
11:22:11.0002 3480 ================ Scan global ===============================
11:22:11.0023 3480 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:22:11.0123 3480 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:22:11.0270 3480 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:22:11.0299 3480 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:22:11.0465 3480 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:22:11.0475 3480 [Global] - ok
11:22:11.0479 3480 ================ Scan MBR ==================================
11:22:11.0493 3480 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:22:11.0985 3480 \Device\Harddisk0\DR0 - ok
11:22:11.0986 3480 ================ Scan VBR ==================================
11:22:11.0990 3480 [ 0D63726CE2CF8740CFD266F6E4FF767F ] \Device\Harddisk0\DR0\Partition1
11:22:11.0993 3480 \Device\Harddisk0\DR0\Partition1 - ok
11:22:12.0029 3480 [ F0CA966BD303AC814CA382A73BAA3FEF ] \Device\Harddisk0\DR0\Partition2
11:22:12.0033 3480 \Device\Harddisk0\DR0\Partition2 - ok
11:22:12.0033 3480 ============================================================
11:22:12.0034 3480 Scan finished
11:22:12.0034 3480 ============================================================
11:22:12.0050 1836 Detected object count: 0
11:22:12.0050 1836 Actual detected object count: 0
15:42:57.0210 7420 Deinitialize success

_________________________________________________________________________________________________

aswMBR


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-21 11:25:15
-----------------------------
11:25:15.973 OS Version: Windows x64 6.1.7601 Service Pack 1
11:25:15.973 Number of processors: 2 586 0x2505
11:25:16.002 ComputerName: JOHNCAHILL-PC UserName: John Cahill
11:25:21.853 Initialize success
11:26:53.928 AVAST engine defs: 12092100
11:27:24.467 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:27:24.472 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
11:27:24.495 Disk 0 MBR read successfully
11:27:24.500 Disk 0 MBR scan
11:27:24.517 Disk 0 Windows 7 default MBR code
11:27:24.524 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16384 MB offset 2048
11:27:24.546 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 33556480
11:27:24.564 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 460454 MB offset 33761280
11:27:24.592 Disk 0 scanning C:\Windows\system32\drivers
11:27:40.959 Service scanning
11:28:40.138 Modules scanning
11:28:40.146 Disk 0 trace - called modules:
11:28:40.170 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:28:40.176 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80068e5060]
11:28:40.181 3 CLASSPNP.SYS[fffff8800163b43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049c6050]
11:28:42.610 AVAST engine scan C:\Windows
11:28:48.648 AVAST engine scan C:\Windows\system32
11:40:01.239 AVAST engine scan C:\Windows\system32\drivers
11:40:43.378 AVAST engine scan C:\Users\John Cahill
11:40:45.199 File: C:\Users\John Cahill\AppData\Local\Apple Computer\Apple\bcqqsele.dll **INFECTED** Win32:BHO-AFW [Trj]
11:52:56.308 AVAST engine scan C:\ProgramData
11:56:04.572 Scan finished successfully
15:26:16.665 Disk 0 MBR has been saved successfully to "C:\Users\John Cahill\Documents\Debate.org\MBR.dat"
15:26:16.817 The log file has been saved successfully to "C:\Users\John Cahill\Documents\Debate.org\aswMBR.txt"

________________________________________________________________________________________________________________________

ESET

C:\Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\John Cahill\AppData\Local\Google\Chrome\User Data\Default\Default\aadjdddbdedhdjgddedjgegededdddgf\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\John Cahill\AppData\Local\Google\Chrome\User Data\Default\Default\aadjdddbdedhdjgddedjgegededdddgf\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\Users\John Cahill\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe a variant of Win32/InstallCore.AW application cleaned by deleting - quarantined
C:\Users\John Cahill\AppData\Roaming\Mozilla\Firefox\Profiles\8yeu3i28.default\extensions\btloiprddh@btloiprddh.org.xpi JS/Redirector.NCA trojan deleted - quarantined
C:\Users\John Cahill\AppData\Roaming\Mozilla\Firefox\Profiles\8yeu3i28.default\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Users\John Cahill\Downloads\DownloadManagerSetup.exe a variant of Win32/InstallCore.AW application cleaned by deleting - quarantined

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 PM

Posted 22 September 2012 - 04:01 AM

Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner


Download update and do a quick scan with malwarebytes and superantispyware


http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE

REmove all that each of the programs above find and reboot.
Post the logs.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.
http://download.sysinternals.com/files/Autoruns.zip

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:02 PM

Posted 22 September 2012 - 07:52 AM

IGNORE PREVIOUS INSTRUCTIONS

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it click on Delete

post the generated log

#6 Johnny54

Johnny54
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 22 September 2012 - 01:55 PM

I cannot download the adware cleaner. It says I have insufficient permission.

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:02 PM

Posted 22 September 2012 - 01:56 PM

Download and run malwarebytes ,minitoolbox and FSS tool and post the logs

#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 PM

Posted 22 September 2012 - 01:58 PM

I cannot download the adware cleaner. It says I have insufficient permission.



http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner try this one.

Also no one has the right to tell another person to ignore any instructions these forums are for anyone to post.

#9 Johnny54

Johnny54
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 22 September 2012 - 02:12 PM

Still can't download it. Let me try using Firefox instead of Chrome.

#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:02 PM

Posted 22 September 2012 - 02:20 PM

:thumbup2:

#11 Johnny54

Johnny54
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 22 September 2012 - 02:26 PM

MBAM log


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.07.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
John Cahill :: JOHNCAHILL-PC [administrator]

9/6/2012 10:54:41 PM
mbam-log-2012-09-06 (22-54-41).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 362000
Time elapsed: 1 hour(s), 37 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\John Cahill\Downloads\movie_player_1280.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.
C:\Users\John Cahill\Downloads\7zip_installer_1650.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

(end)

__________________________________________________________________________________________________________________________

Mini Toolbox log


MiniToolBox by Farbar Version: 23-07-2012
Ran by John Cahill (administrator) on 22-09-2012 at 14:22:12
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR5B95 Wireless Network Adapter = Wireless Network Connection 2 (Connected)
Broadcom NetLink ™ Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : JohnCahill-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5B95 Wireless Network Adapter
Physical Address. . . . . . . . . : D0-DF-9A-09-CD-B7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cdb5:5227:3813:550c%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.117(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, September 22, 2012 1:35:52 PM
Lease Expires . . . . . . . . . . : Sunday, September 23, 2012 1:35:52 PM
Default Gateway . . . . . . . . . : 192.168.1.2
DHCP Server . . . . . . . . . . . : 192.168.1.2
DHCPv6 IAID . . . . . . . . . . . : 416341914
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-80-98-E1-B8-70-F4-96-33-67
DNS Servers . . . . . . . . . . . : 184.16.4.22
184.16.33.54
8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Ethernet
Physical Address. . . . . . . . . : B8-70-F4-96-33-67
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5B06BF4C-FFD7-4511-9771-B9D290391CC5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CFAA52E2-B9A3-4B73-8047-8C56EF480144}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1048:37d8:cdd7:cebd(Preferred)
Link-local IPv6 Address . . . . . : fe80::1048:37d8:cdd7:cebd%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: ns5.ncnetwork.net
Address: 184.16.4.22

Name: google.com
Addresses: 2607:f8b0:4009:801::1000
74.125.225.66
74.125.225.67
74.125.225.68
74.125.225.69
74.125.225.70
74.125.225.71
74.125.225.72
74.125.225.73
74.125.225.78
74.125.225.64
74.125.225.65


Pinging google.com [74.125.225.69] with 32 bytes of data:
Reply from 74.125.225.69: bytes=32 time=229ms TTL=56
Reply from 74.125.225.69: bytes=32 time=10ms TTL=56

Ping statistics for 74.125.225.69:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 229ms, Average = 119ms
Server: ns5.ncnetwork.net
Address: 184.16.4.22

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=691ms TTL=49
Reply from 98.139.183.24: bytes=32 time=750ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 691ms, Maximum = 750ms, Average = 720ms
Server: ns5.ncnetwork.net
Address: 184.16.4.22

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...d0 df 9a 09 cd b7 ......Atheros AR5B95 Wireless Network Adapter
11...b8 70 f4 96 33 67 ......Broadcom NetLink ™ Ethernet
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.2 192.168.1.117 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.117 281
192.168.1.117 255.255.255.255 On-link 192.168.1.117 281
192.168.1.255 255.255.255.255 On-link 192.168.1.117 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.117 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.117 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:1048:37d8:cdd7:cebd/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::1048:37d8:cdd7:cebd/128
On-link
12 281 fe80::cdb5:5227:3813:550c/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 8.2.1)
Acer Backup Manager (Version: 3.0.0.85)
Acer Crystal Eye Webcam (Version: 1.0.1523)
Acer ePower Management (Version: 6.00.3006)
Acer eRecovery Management (Version: 5.00.3002)
Acer Games (Version: 1.0.2.4)
Acer Registration (Version: 1.03.3004)
Acer ScreenSaver (Version: 1.1.0301.2011)
Acer Updater (Version: 1.02.3005)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.0.2.12610)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Agatha Christie - 4:50 from Paddington (Version: 2.2.0.95)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.15.4.0)
Ask Toolbar Updater (Version: 1.2.2.23821)
AVG 2013 (Version: 13.0.2591)
AVG 2013 (Version: 13.0.2677)
AVG 2013 (Version: 2013.0.2677)
Backup Manager V3 (Version: 3.0.0.85)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.610.0)
Bonjour (Version: 3.0.0.2)
Broadcom Gigabit NetLink Controller (Version: 14.6.1.2)
Build-a-lot 2 (Version: 2.2.0.95)
CCleaner (Version: 3.22)
Chuzzle Deluxe (Version: 2.2.0.95)
clear.fi (Version: 1.0.1422.00)
clear.fi (Version: 9.0.7418)
clear.fi Client (Version: 1.00.3008)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DivX Setup (Version: 2.6.1.8)
Dora's World Adventure (Version: 2.2.0.95)
eBay Worldwide (Version: 2.1.0901)
ESET Online Scanner v3
ETDWare PS/2-X64 8.0.6.3_WHQL (Version: 8.0.6.3)
FATE - The Traitor Soul (Version: 2.2.0.95)
Final Drive: Nitro (Version: 2.2.0.95)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 21.0.1180.89)
HP Deskjet 1000 J110 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1000 J110 series Help (Version: 140.0.65.65)
Identity Card (Version: 1.00.3006)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
iRip (Version: 1.2)
iTunes (Version: 10.4.0.80)
Java 7 Update 6 (Version: 7.0.60)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 31 (Version: 6.0.310)
Jewel Quest Heritage (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.5)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Internet Security Suite (Version: 11.0.678)
McAfee Security Scan Plus (Version: 2.0.181.2)
MediaEspresso (Version: 1.0.1418_35759)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Morrowind
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
MyWinLocker (Version: 4.0.14.11)
MyWinLocker 4 (Version: 4.0.14.11)
MyWinLocker Suite (Version: 4.0.14.11)
Namco All-Stars: PAC-MAN (Version: 2.2.0.95)
newsXpresso (Version: 1.0.0.40)
NOOK for PC (Version: 2.5.1.237)
Norton Online Backup (Version: 2.1.17869)
Norton Security Scan (Version: 3.7.2.5)
NTI Media Maker 9 (Version: 9.0.2.8942)
Penguins! (Version: 2.2.0.95)
Pharos
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
QuickTime (Version: 7.69.80.9)
Realtek High Definition Audio Driver (Version: 6.0.1.6314)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30124)
Security Task Manager 1.8d (Version: 1.8d)
Shredder (Version: 2.0.8.7)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
Star Wars Knights of the Old Republic (Version: 1.3.0.0)
swMSM (Version: 12.0.0.1)
TES Construction Set
Times Reader (Version: 2.055)
Torchlight (Version: 2.2.0.95)
TSLRCM 1.8
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Vizzed Retro Game Room (Version: 1.7.0)
Welcome Center (Version: 1.02.3102)
WildTangent Games App (Acer Games) (Version: 4.0.5.36)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Xvid Video Codec (Version: 1.3.2)
Yontoo 1.10.02 (Version: 1.10.02)
Zuma's Revenge (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 3766.7 MB
Available physical RAM: 2322.1 MB
Total Pagefile: 7531.6 MB
Available Pagefile: 5274.51 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.15 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:449.66 GB) (Free:385.16 GB) NTFS

========================= Users: ========================================

User accounts for \\JOHNCAHILL-PC

Administrator Guest John Cahill


**** End of log ****

______________________________________________________________________________

FSS Log

Farbar Service Scanner Version: 19-09-2012
Ran by John Cahill (administrator) on 22-09-2012 at 13:42:42
Running from "C:\Users\John Cahill\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:02 PM

Posted 22 September 2012 - 02:27 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#13 Johnny54

Johnny54
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 22 September 2012 - 02:41 PM

R Kill


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/22/2012 02:32:27 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/22/2012 02:32:49 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)

____________________________________________________________

Autoruns


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ETDCtrl" "ETD Control Center" "ELAN Microelectronics Corp." "c:\program files\elantech\etdctrl.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "Power Management" "ePowerTray" "Acer Incorporated" "c:\program files\acer\acer epower management\epowertray.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "ApnUpdater" "" "" "File not found: C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
+ "ArcadeMovieService" "clear.fi Movie Resident Program" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\clear.fimovieservice.exe"
+ "AVG_UI" "AVG User Interface" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgui.exe"
+ "BackupManagerTray" "Acer Backup Manager" "NTI Corporation" "c:\program files (x86)\nti\acer backup manager\backupmanagertray.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "EgisTecPMMUpdate" "PMM Update Application" "Egis Technology Inc." "c:\program files (x86)\egistec ips\pmmupdate.exe"
+ "EgisUpdate" "EgisUpdate Release Application" "Egis Technology Inc." "c:\program files (x86)\egistec ips\egisupdate.exe"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "LManager" "Launch Manager" "Dritek System Inc." "c:\program files (x86)\launch manager\lmanager.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "Norton Online Backup" "Norton Online Backup Service" "Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\nobuclient.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "ROC_ROC_NT" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe"
+ "SuiteTray" "SuiteTray" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlockersuite\x86\suitetray.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "vProt" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\ssscheduler.exe"
"C:\Users\John Cahill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apple" "Intel Indeo® video 5.10" "Intel Corporation" "c:\users\john cahill\appdata\local\apple computer\apple\bcqqsele.dll"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\john cahill\appdata\local\google\update\googleupdate.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "Xvid" "" "" "c:\program files (x86)\xvid\checkupdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "skype-ie-addon-data" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "MWLIVShellExt" "Shell Dynamic Link Library" "Egis Technology Inc. " "c:\program files (x86)\egistec mywinlocker\x64\mwlivshellext.dll"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x64\shreddercontextmenu.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MWLIVShellExt" "Shell Dynamic Link Library" "Egis Technology Inc. " "c:\program files (x86)\egistec mywinlocker\mwlivshellext.dll"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x86\shreddercontextmenu.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgsea.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgse.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: C:\Program Files\Java\jre6\bin\jp2ssv.dll"
+ "McAfee Phishing Filter" "" "" "File not found: c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120622232240.dll"
+ "Skype add-on for Internet Explorer" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll"
+ "AVG Security Toolbar" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "McAfee Phishing Filter" "" "" "c:\program files\mcafee\msk\mskapbho.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20120622232240.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll"
+ "AVG Security Toolbar" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll"
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\clear.fi" "clear.fi" "Acer Incorporated" "c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe"
+ "\clear.fiAgent" "clear.fi Resident Program" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe"
+ "\DMREngine" "DMREngine" "CyberLink" "c:\program files (x86)\acer\clear.fi\mvp\.\kernel\dmr\dmrengine.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3862121870-3110265749-2928254948-1000Core" "Google Installer" "Google Inc." "c:\users\john cahill\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3862121870-3110265749-2928254948-1000UA" "Google Installer" "Google Inc." "c:\users\john cahill\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Norton Security Scan for John Cahill" "Norton Security Scan" "Symantec Corporation" "c:\program files (x86)\norton security scan\engine\3.7.2.5\nss.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\SidebarExecute" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "0114281345922330mcinstcleanup" "" "" "File not found: C:\Windows\TEMP\0114281345922330mcinst.exe -cleanup -nolog"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files (x86)\bonjour\mdnsresponder.exe"
+ "DsiWMIService" "Dritek WMI Service" "Dritek System Inc." "c:\program files (x86)\launch manager\dsiwmis.exe"
+ "EgisTec Ticket Service" "Egis Ticket Service" "Egis Technology Inc. " "c:\program files (x86)\common files\egistec\services\egisticketservice.exe"
+ "ePowerSvc" "Acer ePower Service" "Acer Incorporated" "c:\program files\acer\acer epower management\epowersvc.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\acer\registration\gregsvc.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "Live Updater Service" "Updater Service" "Acer Incorporated" "c:\program files\acer\acer updater\updaterservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "McAfee SiteAdvisor Service" "McAfee Service Host" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\2.0.181\mcchsvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfevtps.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSK80Service" "This service filters e-mail messages on your computer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "NOBU" "Norton Online Backup Service" "Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\nobuagent.exe"
+ "NTI IScheduleSvc" "NTI IShadow Manage backup/Sync jobs and etc..." "NTI Corporation" "c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pharos Systems ComTaskMaster" "Pharos Systems ComTaskMaster" "Pharos Systems International" "c:\program files (x86)\pharossystems\core\ctskmstr.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "Skype C2C Service" "Skype Click to Call Update Service" "Skype Technologies S.A." "c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "vToolbarUpdater12.2.6" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\12.2.6\toolbarupdater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga" "AVG Logging Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "ETD" "ETD Kernel Center" "ELAN Microelectronics Corp." "c:\windows\system32\drivers\etd.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfenlfk" "McAfee NDIS Light Filter" "McAfee, Inc." "c:\windows\system32\drivers\mfenlfk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "mwlPSDFilter" "mwlPSDFilter Filter Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdfilter.sys"
+ "mwlPSDNServ" "mwlPSDNServ Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdnserv.sys"
+ "mwlPSDVDisk" "mwlPSDVdisk Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdvdisk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NTI Corporation" "c:\windows\system32\drivers\ntidrvr.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsustor.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "UBHelper" "NTI CD-ROM Filter Driver" "NTI Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AsyncEx" "VisioForge AsyncEx Filter" "VisioForge" "c:\users\john cahill\appdata\roaming\windsolutions\copytransmanager\copytransmanager.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (PCMMovie)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PCMMovie)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PCMMovie)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard (PCMMovie)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudwizard.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\navfilter\clnavx.ax"
+ "CyberLink Line21 Decoder (PCMMovie)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\clline21.ax"
+ "CyberLink TimeStretch Filter (PCMMovie)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PCMMovie)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\cltzan.ax"
+ "CyberLink Video/SP Decoder (PCMMovie)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\clvsd.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SlideShow" "" "" "c:\program files (x86)\nti\nti media maker 9\media maker\slideshow.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2013\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\Windows\System32\Acer.scr" "Screen Saver" "" "c:\windows\system32\acer.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 8811 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts8811lm.dll"
+ "LIDIL hpzlllhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpzlllhn.dll"
+ "Pharos Systems Popup Port Monitor" "Print Router for Win64" "Pharos Systems International" "c:\windows\system32\psr968b2.dll"
"C:\Users\John Cahill\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "AVG" "AVG" "AVG Technologies" "C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget\\Gadget.xml"

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:02 PM

Posted 22 September 2012 - 02:45 PM

Disable your antivirus and download Adware cleaner and run it

You have two antivirus:AVG & Mcafee.Uninstall one of them.

Launch Autoruns and uncheck this entry

"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Apple" "Intel Indeo® video 5.10" "Intel Corporation" "c:\users\john cahill\appdata\local\apple computer\apple\bcqqsele.dll"

Restart the PC and delete this file

c:\users\john cahill\appdata\local\apple computer\apple\bcqqsele.dll

Let me know if you still have redirects

#15 Johnny54

Johnny54
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 22 September 2012 - 03:27 PM

No more redirects. Everything is working great.

Thanks a bunch for the help. I greatly appreciate it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users